Gooligan steals more than 1 million Google accounts

By: István Tamás in threats , technology December 1, 2016

Your Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and more are no longer safe. Gooligan, a new malicious software campaign infects your Android devices. gooligan Share on Facebook0 0 0share on GoogleTweet about this on TwitterShare on LinkedIn Do you already know the latest malicious software attack on Android smartphones? The name is Program: Gooligan.

What exactly is Gooligan? The main focus of Gooligan is to steal Google Accounts of devices with Android 4 (Jelly Bean, KitKat) and 5 (Lollipop). Later, these accounts are used to promote, rate, and download Google Play Store apps - making Googligan a huge advertising cheat system. Gooligan nestles into infected devices and steals authentication keys that can be used to access Google Play, Gmail, Google Photos, Google Docs, G Suite, Google Drive, and many other accounts. These vulnerabilities are used to install malicious programs on mobile devices. All in all, this is nothing special.

It is a very popular method to compromise a system. And that is the reason why it is so important for our digital lives to protect the systems and to keep up to date. - Mikel Echevarria Lizarraga, Malware Analyst at the Virus Lab at Avira. According Checkpoint there are already more than 80 harmful Gooligan apps. These apps have already stolen more than 1 million Google accounts.

The rate of increase is 13,000 stolen accounts - per day! Google's director of Android security has in this respect been a opinion on Google+ published: Several Ghost Push variants use publicly known vulnerabilities that are unpatched on older devices to gain privileges. In the last few weeks, we have worked closely with Checkpoint, a cyber security company, investigate and protect users from one of these variants. Nicknamed 'Gooligan', this variant used Google credentials on older versions of Android to generate fraudulent installs of other apps. - Adrian Ludwig, Google's director of Android Security You are working on a solution.

Where do these apps come from? The apps are found in shops of third-party providers what is considered for one or other as relief. But it is not! Users can be redirected to and browsed through these Internet apps when browsing through the Internet - and many do so too! The checkpoint article also says that 57% of the victims of this campaign are currently in Asia. However, we do not want you to lean back! The whole does not mean that only Asian "unsafe" download shops are affected by third parties. There are unreliable download shops on the Internet like "Sand am Meer". So, if you use other stores than the Google Play Store, your risk of infection increases - regardless of whether you are in Asia or not.


Diana Russo
Diana Russo

An efficient and reliable resource. They always remain flexible, cost effective, and lightning fast.